A threat actor has announced that they are selling a significant amount of data allegedly stolen from Truist Bank, linking the breach to a wider Snowflake breach. The compromised data includes sensitive information about both employees and bank transactions, alongside source code for the bank’s IVR funds transfer system.
Details of the Alleged Breach:
- Price: $1,000,000
- Data Included:
- Employee Records: 65,000 records containing detailed personal and professional information.
- Bank Transactions: Data including customer names, account numbers, and balances.
- IVR Source Code: Source code for the bank’s Interactive Voice Response (IVR) funds transfer system.
This breach, if confirmed, could have far-reaching implications for Truist Bank, its employees, and its customers. The inclusion of employee records and bank transaction details poses serious risks of identity theft and financial fraud. Additionally, the exposure of the IVR funds transfer source code could potentially lead to further security vulnerabilities.
The threat actor has set the price for this data at $1,000,000, emphasizing the perceived value and sensitivity of the information. This announcement highlights the increasing sophistication of cyberattacks and the critical importance of robust cybersecurity measures for financial institutions.